Practice makes perfect. So, when I perform an action in Windows, I try to learn how to do the same action using PowerShell.
This is helpful for two reasons. The first reason is that, by using PowerShell, I can automate the action. The second reason is that there are times when only PowerShell is available. For example, Server Core and Nano Server have no GUI.
Now, when I write “action”, I mean just about anything: for example, getting information from the system or changing system settings.
PowerShell can inform us about and perform changes to the file system, the registry, the CIM/WMI repository, the network, the Internet, the installed (server and client) applications, the services, processes and threads, the various logs, and all sorts of system-specific and application-specific settings.
I get ideas from any action I perform and any program I execute.
For example, I use Process Explorer a lot. Whatever actions I can use Process Explorer for, I also try to perform using PowerShell. This way, I may be able to administer a system even when I do not have a GUI or my favorite GUI administrative tools.
Process Explorer lists the running processes. I can do that with PowerShell as follows:
Get-WMIObject win32_process | select name, handle # (here "handle" is the process handle)
Process Explorer lists the threads each process spawns. I can do that with PowerShell as follows:
Get-WMIObject win32_thread | select processhandle, handle # (here "handle" is the thread handle.)
Process Explorer lists the modules that have been loaded by a process. I can do that with PowerShell as follows:
Get-WMIObject CIM_ProcessExecutable | select Dependent, Antecedent
For a specific process, we can also use:
Get-Process -name <process name> -module
Get-Process -id <process id> -module # (here "process id" is the process handle)
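The three lookups above (process, threads, modules) can be combined into one per-process view, much like selecting a process in Process Explorer. This is an added example, not code from the original post: `Get-ProcessSnapshot` is a hypothetical helper name, and it uses `Get-CimInstance`, which queries the same Win32_Process and Win32_Thread classes and is also available in PowerShell 6 and later, where Get-WMIObject is not.

```powershell
# Added example: Get-ProcessSnapshot is a hypothetical helper, not a built-in cmdlet.
function Get-ProcessSnapshot {
    [CmdletBinding()]
    param(
        # Accepts a PID directly, or objects with an Id/ProcessId property from the pipeline.
        [Parameter(Mandatory, ValueFromPipelineByPropertyName)]
        [Alias('Id')]
        [uint32]$ProcessId
    )
    process {
        $proc = Get-CimInstance -ClassName Win32_Process -Filter "ProcessId = $ProcessId"
        if (-not $proc) {
            Write-Warning "No process with ID $ProcessId (it may have exited)."
            return
        }

        # Win32_Thread.ProcessHandle is a string that holds the owning process ID.
        $threads = @(Get-CimInstance -ClassName Win32_Thread -Filter "ProcessHandle = '$ProcessId'")

        # Module enumeration can fail for protected processes or without elevation,
        # so record the error instead of aborting the whole snapshot.
        $modules = @()
        $moduleError = $null
        try {
            $modules = @(Get-Process -Id $ProcessId -Module -ErrorAction Stop |
                Select-Object ModuleName, FileName)
        }
        catch {
            $moduleError = $_.Exception.Message
        }

        [pscustomobject]@{
            Name            = $proc.Name
            ProcessId       = $proc.ProcessId
            ParentProcessId = $proc.ParentProcessId
            ExecutablePath  = $proc.ExecutablePath
            ThreadCount     = $threads.Count
            ThreadIds       = $threads.Handle   # thread IDs, as reported by Win32_Thread
            Modules         = $modules
            ModuleError     = $moduleError
        }
    }
}

# Snapshot the current PowerShell process ($PID is PowerShell's own process ID).
Get-ProcessSnapshot -ProcessId $PID | Format-List
```

Because the function returns objects, the result can be exported with `Export-Csv` or `ConvertTo-Json` to keep a record of what was running.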
It is not that I can or want to compete with Process Explorer; it is just that Process Explorer gives me a lot of ideas when it comes to administration.
For any actions that you perform using a GUI, you must ask yourself whether you can perform the same actions without a GUI. If you can, then you are able to automate your work (and to keep track of your work) and you are able to administer your systems using PowerShell should the need arise.